package com.impl;

import java.sql.Connection;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import java.util.Scanner;

import org.junit.Test;

import com.datautil.DemoDateBaseUtil;
import com.login.PageMenu;
import com.login.user;

public class UserDao {
	//插入用户注册信息
	public static void insert(user us) throws SQLException{
		Connection conn = DemoDateBaseUtil.getConnection();
		
		String sql = "insert into user(name,pwd) VALUES(?,?)";
		try {
			PreparedStatement ps = conn.prepareStatement(sql);
			ps.setString(1, us.getName());
			ps.setString(2, us.getPwd());
			
			ps.executeUpdate();
			// 释放此 PreparedStatement 对象的数据库和 JDBC 资源
			ps.close();
		} catch (Exception e) {
			e.printStackTrace();
		} finally {
			// 关闭数据库连接
			DemoDateBaseUtil.closeConnection(conn);
		}
	}
	@Test
	//查询用户登录信息
	 public static void select() throws SQLException{
		 Connection conn = DemoDateBaseUtil.getConnection();
		 System.out.print("请输入账号1：");
		 Scanner sc=new Scanner(System.in);
	     String name=sc.next();
	     
	     System.out.print("请输入密码：");
	     //Scanner sc1=new Scanner(System.in);
	     String pwd=sc.next();
		 String sql ="select * from user where name='"+name+"' and pwd='"+pwd+"'";
		  //获取statement,sm,错误验证也可以获得用户信息
		 Statement sm=conn.createStatement();
		 ResultSet rs=sm.executeQuery(sql);
		//psm，获取预编译报表，防止sql注入
		 /*PreparedStatement psm=conn.prepareStatement(sql);
		 ResultSet rs=psm.executeQuery(sql);*/
		 while (rs.next()) {
			/*if (rs.getString("name").equals(name)) {
					if(rs.getString("pwd").equals(pwd)){
						System.out.println("登录成功！");
						new PageMenu().start();
					}
					else{
						System.out.println("请重新输入信息");
					}
				}*/
			 System.out.println("登录成功");
			 new PageMenu().start();
			 
			
	 }

	}
}